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REMARKS 

The examiner is thanked for the performance of a thorough search. By this amendment, 
Claims 1, 3, and 25-27 are amended. Claims 2 and 12-24 are cancelled. No claims are added. 
Hence, Claims 1, 3-11, and 25-27 are pending in the application. The amendments to the claims 
as indicated herein do not add any new matter to this application. Furthermore, amendments 
made to the claims as indicated herein have been made to exclusively improve readability and 
clarity of the claims and not for the purpose of overcoming alleged prior art. 

Each issue raised in the Office Action mailed May 16, 2005 is addressed hereinafter. 
I. ISSUES NOT RELATING TO PRIOR ART 

A. SPECIFICATION— ABSTRACT 

The Office Action objected to the abstract as exceeding 150 words as provided in 37 
C.F.R. 1.72 and MPEP 608.01(b). The abstract is amended herein to contain 143 words. 
Therefore, Applicant believes that the objection to the specification is fiiUy addressed. 
Reconsideration is requested. 

B. INTERVIEW 

The Applicant appreciates the Examiner extending the courtesy of a telephone interview, 
which was held on August 16, 2005 with Applicant's representative Christopher J. Palermo. The 
following is a summary of the interview: the parties discussed FIG. 2 of Apphcant's 
specification; FIG. 2 of Demirtjis; the claim amendments herein; and the arguments presented in 
an interview agenda that Applicant previously faxed to the Examiner. No agreement was 
reached with respect to allowability. , 
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11. ISSUES RELATING TO PRIOR ART 

A. CLAIMS 1-3, 6, 7, 9-1 1— DEMIRTJIS ET AL. 

Claims 1-3, 6, 7, 9-1 1 stand are rejected under 35 U.S.C. § 102(a) as allegedly 
unpatentable over Demirtjis et al. U.S. Pat. No. 6,697,864 Bl. The rejection is respectfully 
traversed. 

Claim 1 is amended with the subject matter of Claim 2 amended and incorporated into 
Claim 1. Claims 2-1 1 are directly or indirectly dependent on Claim 1 . Claims 25-27 are 
computer-readable medium or apparatus claims corresponding to Claim 1. 

Demirtjis does not teach or suggest all features of amended Claim 1. FIG. 2 of 
Applicant's specification is a visual representation of one possible implementation of features 
from Claim 1 that may help understand differences of the approach of Claim 1 as compared to 
Demirtjis. In Applicant's FIG. 2, Supplicant 125 sends request 222 for a connection to a 
physical port to Authenticator 105, such as a switch in a packet-switched network, which sends a 
request 224 for authentication to RADIUS (AAA) server 135. If the supplicant is authenticated 
successfully, RADIUS server 135 sends a response 232 with authentication and authorization 
data to the Authenticator 105, which grants a port in message 238. Further, Authenticator 105 
forwards or '^hands ofP the authentication and authorization data to DHCP Relay Agent 
103 in message 236. 

Thereafter, DHCP cUent 123 on the same host 122 as supplicant 125 sends a network 
address discovery message 242 to DHCP Relay Agent 103, which forwards the message 252 
with the authentication and authorization data to the DHCP server 113. DHCP Server 113 
replies with an address offer message 262, which the DHCP Relay Agent 103 relays in message 
264. In this arrangement, DHCP Server 113 offers an address only in response to 
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discovery messages that contain authentication and authorization data, improving security 
of the system. 

Claim 1 recites "said step of generating the second message [corresponding, e.g., to 
message 252] further comprises the step of sending a third message [corresponding, e.g., to 
message 236], from the authenticator process to the relay agent process, based on the first data 
[corresponding, e.g., to authentication and authorization data in message 232]." The third 
message is significant because it allows the authentication information to be shared with the 
discovery message, so that the relay agent process need not obtain authentication data through a 
second interaction with the AAA server or through re-entering the data. 

Claim 1 recites "said step of generating the second message [e.g., 252] further comprises 
the step of sending a third message [e.g., 236], from the authenticator process to the relay agent 
process, based on the first data [e.g., data in message 232]." The third message allows 
authentication information to be shared with the discovery message so that authentication data is 
not re-entered. 

hi contrast, Demirtjis does not disclose generating a third message from an authenticator 
process to a DHCP relay agent process. Demirtjis does not separate the relay agent and 
authenticator processes and thus fails to disclose any information sharing between them. 
Referring to FIG. 2 of Demirtjis, for the connection server 1 10 to receive authentication data for 
the DHCP server 86, Demirtjis would have to be modified as taught only in Applicant's 
disclosure. Demirtjis has no description of sending authentication data with a discovery message 
from an authenticator or relay agent to a DHCP server. 

Claim 1 also recites that "the [DHCP] relay agent process is separate from the 
authenticator process" [on the intermediate device]. In FIG. 2, the authenticator 105 hands off 
authentication data to relay agent 103 so that a second authentication with the client is not 
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needed. Nothing like this is stated in Demirtjis. In FIG. 2 of Demirtjis, the Connection Server 
110 authenticates the computer but does not hand off any authentication data to a relay agent. 

Claim 1 also recites "receiving, at the intermediate device from the host, a first message 
[e.g., 242] for discovering a logical network address for the host." For example, in Applicants' 
FIG. 2, DHCP Relay Agent 103 receives a request from DHCP Client 123. Demirtjis states that 
authentication occurs v^ith the Connection Server 110 (col 6^ lines 46-54; col 8, lines 45-50), 
which then obtains the IP address from DHCP server 86. A message does not originate from the 
host 70 directly in order to contact the DHCP server. 

Claim 1 also recites "generating a second message based on the first message and the first 
data." For example, in FIG. 2, a second message 252 (the discovery message with authentication 
and authorization data) is generated with information from the first message 242 (the discovery 
message) and first data 232 (response with authentication and authorization data from RADIUS 
server). Information from the first data is passed to the DHCP Relay Agent 103 as the third 
message 236 (authentication and authorization data). In contrast, Demirtjis does not provide for 
providing authentication and authorization data to a DHCP server or relay agent. Demirtjis 
merely describes a DHCP server that responds to any request for an address lease, regardless of 
whether the request carries authentication information. 

Fundamentally, because Demirtjis does not provide a mechanism or process to hand off 
received authentication data from an authenticator to a relay agent, so that the user is not 
required to re-enter the data into two different systems, and because the DHCP server in 
Demirtjis is not stated to restrict its replies to authenticated requesters, Demirtjis cannot 
anticipate or suggest the subject matter of Claim 1. 

Each of the features discussed above for Claim 1 is present, by dependency, in Claims 3, 
6, 7, and 9-11. Each of the dependant claims include the limitations of claims upon which they 
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depend, the dependant claims are patentable for at least those reasons the claims upon which the 
dependant claims depend are patentable. Reconsideration of Claims 1, 3, 6, 7, and 9-1 1 is 
respectfully requested. 

B. CLAIMS 12 AND 13— HOBBS; CLAIMS 14-21— FIJOLEK; CLAIM 23— 

BAIZE 

For the purpose of simplifying the issues in the case, Claims 12-21 and 23 are canceled 
herein. Therefore, the rejections of Claims 12, 13, 14-21, and 23 are moot. 

C. CLAIMS 22 AND 24-27— SCHUTTE ET AL. 

For the purpose of simplifying the issues in the case. Claims 22 and 24 are canceled 
herein. Therefore, the rejection of Claims 22 and 24 is moot. 

Claims 25-27 correspond in scope to Claim 1. The rejection is respectfully traversed. 

Schutte et al. does not provide for "handing off authentication and authorization data 
from an authenticator to a relay agent process as claimed in the "third message" of the amended 
claims. Further, Schutte et al. is fundamentally irrelevant because it illustrates a different 
operational context. Schutte et al. does not provide for authenticating a request for a switch port, 
as in the top half of Applicant's FIG. 2, followed by granting a network address to an 
authenticated DHCP client, as in the bottom half of Applicant's FIG. 2. Therefore, Schutte et al. 
does not provide the "first data" as claimed (authentication data provided by an authentication 
server to an authenticator), or a "third message" as claimed. Schutte et al. also does not disclose 
a router or switch acting as an authenticator, separate from a relay agent process. 

For all these reasons, Schutte et al. lacks at least one element, limitation or step of Claims 
25-27. Reconsideration of Claims 25-27 is respectfully requested. 
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D. CLAIMS 4 AND 5— DEMIRTJIS IN VIEW OF LLOYD; CLAIM 8— 
DEMIRTJIS IN VIEW OF BAHL 

Each of the features discussed above for Claim 1 is present, by dependency, in Claims 4, 
5, and 8. Because each of the dependant claims 4, 5, and 8 includes the limitations of Claim 1, 
the dependant claims are patentable for at least the reasons given above with respect to Claim 1 . 
Further, neither Lloyd nor Bahl cures the deficiencies noted above with respect to Demirtjis. 
Reconsideration of Claims 4, 5, and 8 is respectfully requested. 
III. CONCLUSIONS & MISCELLANEOUS 

For the reasons set forth above, it is respectfully submitted that all of the pending claims 
are now in condition for allowance. Therefore, the issuance of a formal Notice of Allowance is 
believed next in order, and that action is most earnestly solicited. 

The Examiner is respectfully requested to contact the undersigned by telephone if it is 
believed that such contact would further the examination of the present application. 

A petition for extension of time, to the extent necessary to make this reply timely filed, is 
hereby made. If appHcable, a law firm check for the petition for extension of time fee is enclosed 
herewith. If any applicable fee is missing or insufficient, throughout the pendency of this 
application, the Commissioner is hereby authorized to any applicable fees and to credit any 
overpayments to our Deposit Account No. 50-1302. 



Respectfully submitted, 



HICKMAN PALERMO TRUONG & BECKER LLP 



Dated: August 16, 2005 




Christopher J. Palermo 
Reg. No. 42,056 



1600 Willow Street 
San Jose, Califomia 95125-5106 
Telephone No.: (408) 414-1080 x202 
Facsimile No.: (408)414-1076 



